Re: Admin access
Karma nothing! More like cause and effect.
33090 publicly visible posts • joined 16 Jun 2014
"Then, if they decide they enjoy their new job, perhaps you can put them to work debugging your source code to remove all the security holes you've obviously missed."
As they seem to have worked substantially if not entirely via stolen credentials I don't think that would be productive and given their lack of operational security I don't think I'd trust them to harden anything.
Fortunately I've worked at quite a few places that had good backups and done a few restores over the year so it's not a universal truth that management don't understand. However I do remember one place that had the good fortune never to have to switch to their standby server because its overnight backup from live to standby consistently failed for lack of time but up until then nobody had noticed. I noticed because my gig was to replace both boxes for Y2K reasons.
"Cross-platform messaging sounds like fun. If the content is standard format, then write a lightweight client."
Start with email, make encryption standard rather than an add-on hardly anybody uses because hardly anybody else uses it.
I have a TRS-80 lingering in the garage. I found it for sale in a local market for a few quid years ago. I've no idea if it still works. I think I'll try to arrange a summer of old tech with the grandchildren, old computers along with old photography.
When the TRS-80 was a current product my boss bought one - no chance on my salary - and Ii built a joystick interface for him from a design in Byte - probably one of Steve Ciarcia's.
My daughter works in clinical trials. AFAICS her current firm is simply tweaking formulations into increasingly niche bits of an old, well supplied market. I wondered if there really was a big demand for such products. Her reply was "The boss is very good at talking money out of investors." and it seems to fit this case too.
I think the explanation is a little more complex than just third person usage. Instinctively, as someone who has been using English for more decades than I care to think about* the axis appears to be about more than singular vs plural. It's also informal vs formal, intimate vs impersonal and definite vs indefiinite.
Referring to oneself the usual pronoun is "I" but formally it can be "we". Hence the "royal we" for proclamations although it can be used in non-royal legal usage. It can even be used in less grand situations than that: habitually on cooking programmes a chef will explain what "we" are going to do although maybe that may be a case of not adapting to working solo instead of with a team. It's also not unknown for someone caring for a sick child to explain that "we" have not been feeling very well.
As regards 2nd person the rules for thou/you were (still are if you want to use them) exactly the same as tu/vous in French. The Yorkshire rule as said by a senior to a junior is "I can thou thee but don't thee thou me". I'm not a linguist but I gather German is even more complex.
As to third person I can't better the example someone gave on an earlier thread: "See who's at the door and find out what they want.". I agree this new usage can be a bit jarring but on the other hand, as a male, it's good to have my pronouns back: females had she, etc. to themselves but we blokes had to share our gendered pronouns with the general case.
English has cut down the complexity it seems to have inherited from its Indo-European roots but don't let's lose all the subtlety.
* and was brought up in a time and place where the 2nd person singular was in use.
"the reviews on this marketplace may not be entirely frank and fearless."
Published reviews might not but the intended market will be quite capable of forming their own views.
However I wonder if Russian idiom lends itself to comments such as "You will be very fortunate to have this operating in your system."
"Okta claims to have more than 15,000 customers, so if 2.5 per cent have been compromised that could be 375 organisations that now need to determine if all logons to their preferred clouds – and the actions taken by authenticated users – were legitimate and/or innocuous."
But all 15,000 will need to assume they were amongst the 375.
"I'm talking about OVERALL i.e. for the whole world, not just you."
I only care about me and mine. I have no wish to be pulled down to some intermediate level because your mother uses the same email/password combination for all sites.
In fact, right there, you've indicated one possible area for improvement which needs not particular technological fix nor optimistic trust in providers such as Okta: make it illegal to specify an email address as a login ID. That in itself would make it easier for those who care to use multiple login IDs without juggling multiple email addresses.
Very simply put, you create an account with SomeOrg and agree with SomeOrg that "this magic token" is associated with that account. The token itself doesn't identify you
It's normal practice when you create an account to use an identity to do that. These days banks are very careful about establishing identity to cope with money-laundering legislation (unless, of course, you're handling sufficient funds to make money laundering worthwhile if not the object of the operation in which case the bank will be delighted to give you an account in the name of any off-shre shell company you choose).
Where was I? Ah, yes. Account. Identity. No, the token itself doesn't identify you. But the token is associated with account so we have Token > Account > Identity. That's what I'd call indirect addressing. For some purposes it might be enough or, depending on the purpose, too much.
"That's a lot of usable phones lying around in drawers just as identity backups"
Apart from any other consideration that's also a lot of phones identities lying about to be nicked if you're burgled. Plus when you really need them you'll find that the battery life has decayed to 2 seconds and nobody local stocks that odd battery size any more.